40 matches found
PT-2022-21872 · Hiwin · Hiwin Robot System
Name of the Vulnerable Software and Affected Versions: HIWIN Robot System Software version 3.3.21.9869 Description: The issue arises from the software's failure to properly address the terminated command source. This allows an attacker to craft code that can disconnect the HIWIN Robot System...
keycloak-httpd-client-install Insecure Secrets
keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass a password on the command line, leaking it via command history and process info to other local users...
OS Command Injection in pixl-class
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization...
CVE-2020-35729
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter...
CVE-2017-14176
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...
CA eSCC r8/1.0, eTrust Audit r8/1.5 Audit Event System Unspecified Replay Attack
No description provided by source. source: http://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These...
CA eSCC r8/1.0, eTrust Audit r8/1.5 Unspecified Arbitrary File Manipulation
No description provided by source. source: http://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These...
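Multiple vulnerabilities in CA eTrust Security Command Center and eTrust Audit
CA eTrust Security Command Center (eSCC) and eTrust Audit are CA's security command execution and audit products. CA eTrust Security Command Center (eSCC) and eTrust Audit have multiple security issues that remote attackers can exploit to obtain sensitive information, delete arbitrary files, or conduct replay attacks. The first issue allows an attacker to discover the web server path on Windows platforms; this vulnerability affects eTrust Security Command Center Server 1.0, r8, r8 SP1 CR1, and r8 SP1 CR2...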
CVE-2006-6610
clientcommands in Nexuiz before 2.2.1 has unknown impact and remote attack vectors related to "remote console command injection."...
CVE-2006-4899
The ePPIServlet script in Computer Associates CA eTrust Security Command Center 1.0 and r8 up to SP1 CR2, when running on Windows, allows remote attackers to obtain the web server path via a "'" single quote in the PIProfile function, which leaks the path in an error message...
CVE-2006-4901
Computer Associates CA eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments...
CVE-2006-4900
CVE-2006-4900 affects Computer Associates eTrust Security Command Center (SCC) 1.0 and r8 up to SP1 CR2. The vulnerability is a directory traversal in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet caused by improper handling in getadhochtml, allowing remote authenticated users to read and d...
CVE-2006-4899
CVE-2006-4899 affects CA eTrust Security Command Center (SCC) 1.0 and r8 up to SP1 CR2 on Windows. The ePPIServlet script’s PIProfile function leaks the web server path via a single quote in an error message, enabling remote attackers to discover the server path. This vulnerability’s impact is th...
CVE-2006-4901
CVE-2006-4901 affects CA eTrust Security Command Center (SCC) 1.0 and r8 up to SP1 CR2 and eTrust Audit 1.5 and r8. The vulnerability allows remote attackers to spoof alerts and perform replay attacks by invoking eTSAPISend.exe with crafted arguments. Affected products include SCC 1.0, SCC r8, SC...
CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation
CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a...
CA eSCC r81.0 eTrust Audit r81.5 - Web Server Full Path Disclosure
CA eSCC r81.0 eTrust Audit r81.5 - Web Server Full Path Disclosure source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - ...
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure
source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These vulnerabilities occur because the software...
Smart Search 4.25 - Remote Command Execution
source: https://www.securityfocus.com/bid/7133/info A vulnerability has been discovered in the Smart Search CGI script. Due to insufficient sanitization of user-supplied URI parameters, it may be possible for an attacker to execute arbitrary commands on a target system. All commands executed in...